Next week, October 4-6, the Virus Bulletin International Conference will be celebrating its twenty-seventh year in Madrid, Spain. Attending the event will be more than 400 delegates from around the world and the world’s leading IT security experts – from academia and vendors, to non-profits and mega corporations. Together, they’ll share their expertise, ideas, and research in cybersecurity.
The Virus Bulletin International Conference will offer three full days of cutting-edge presentations, debates, and panels that cover all aspects of the global threat landscape.
Cylance’s Director for Security Architecture, Aditya Kapoor, will give a talk on UEFI BIOS at this year’s event on Wednesday 4 October, 11:30 – 12:00, in the Red room.
Have You Scanned Your BIOS Recently?
Periodic BIOS scanning is not a task that tends to be on an IT administrator’s radar. Even if an IT admin wants to understand the security status of the BIOS, they are ill-equipped to determine it. The impact of an attack against the BIOS is immense, because it gives the attacker a persistent and virtually invisible foothold.
UEFI code is usually written in C and is much less well protected against exploitation, mainly because it has been a less thoroughly researched space. In 2015, Hacking Team’s UEFI rootkit showed us that such attacks are indeed feasible. There have also been numerous academic talks showing the feasibility of such attacks.
In my upcoming talk at The Virus Bulletin International Conference, we will start with the basic background of the UEFI BIOS. We will look at the tools and solutions that currently exist for analyzing a UEFI BIOS. We will also discuss current theoretical attacks as well as up-to-date, in-the-wild attacks. Further, we will look into recent technological advances in UEFI security and ...
This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog